Network Penetration and Security

Northwestern EECS, Fall Quarter 2016

Programming Languages

Description

This class requires a broad background and draws from a variety of tool sets. The following is designed with the intent to give you a chance to exercise some of the skills you will need at specific points in the class that we won't have time to introduce. These exercises are not designed to be conceptually challenging and should be doable in a line or two of code each. Note that the project files include a test suite which has examples in case you have confusion when trying to get exactly the right output.

Doing this assignment on hamsa is recommended to avoid any cross-platform headache.

C

C is a wonderfully low-level language which gives the programmer a great deal of control over the computer. Many well known and common vulnerabilities can be exploited by abusing that power.

MySQL

MySQL is going to be the database of choice for this class. You will probably only need to know MySQL on one or two occasions for this course, which is why we don't have time to teach it to you. However, it will be significantly less frustrating to learn MySQL and then learn SQL injection rather than learn both at the same time.

Write a series of .sql files:

Creates a table called test with 3 columns.

1st column: An int column called pk that is by default 1 more than the previous row when a new row is inserted, known as a primary key.

2nd column: A varchar(20) column called name which can be used to store user names.

3rd column: A char(32) column called password which can be used to store password hashes.

Adds 2 rows to the table for users Foo and Bar, both with password f00Bar. The passwords should be stored as hashes.

Creates a table called test_color with two columns:

1st column: An int column called user_pk which can be used to identify the matching row in the test table.

2nd column: A varchar(20) column called fav_color which can be used to store the user's favorite color.

Ruby

Ruby is an all-purpose scripting language that is popular among the security community because of its ties to the Metasploit toolset. It's also good for the occasional one-liner off the command line.

Just to get you exposed to it, write a function called verify which validates that its argument (a string) could be buffer after it has been passed to put_stuff_in_buffer() in the C exercise. If it is, return a true value, otherwise return a false value.

Javascript

You really should know javascript if you want to do anything with the web (and we do things related to the web in this class). However, the course is designed such that you don't need any background in javascript coming in, though hopefully you'll leave knowing some.

Shell Commands

Knowing how to live in a text-only environment is really useful. In fact, it's crtitical, because once you've exploited a machine, you often have nothing but characters coming at you from a TCP socket. The following commands will be sufficient to complete the exercises below. It is highly recommended that you refer to their man pages for more information:

Lists all the filenames with the csv extension. The output should print one file on each line and they should be sorted alphabetically. The listing should include test/ as part of the relative path name.

Delete file8.txt. <Temporary Note> The testrig was updated on Friday so redownload the project files if you are getting errors on this part in particular.

Changes the permissions of the file file10.sh to be readable and executable by the owner but only readable by everyone else.